How to Disable User Login | Community
Skip to main content
A
a_lex_
Level 3
October 16, 2015
Solved

How to Disable User Login

  • October 16, 2015
  • 3 replies
  • 4579 views

Hi,

We are trying to figure out a way to disable a user account from logging into AEM. We want to keep the account in the system, just somehow disable it and have the option to re-enable it if it is ever needed.

Anyone have a solution for this? We have tried the activate/deactivate functionality in the user management console, but it does not seem to effect if the user is able to login.

 

 

Thanks!

    This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
    Best answer by Sham_HC

    Make use of property rep:disabled for your use case. 

    To disable the user test just enter a reason as the value for disableUser
    curl -u admin:admin -F "disableUser=Not required" http://host:port/home/users/t/test.rw.html

    To reenable again

    curl -u admin:admin -F "disableUser=" http://host:port/home/users/t/test.rw.html

    3 replies

    Sham_HC
    Sham_HCAccepted solution
    Level 10
    October 16, 2015

    Make use of property rep:disabled for your use case. 

    To disable the user test just enter a reason as the value for disableUser
    curl -u admin:admin -F "disableUser=Not required" http://host:port/home/users/t/test.rw.html

    To reenable again

    curl -u admin:admin -F "disableUser=" http://host:port/home/users/t/test.rw.html

      smacdonald2008
      smacdonald2008
      Level 10
      October 16, 2015

      You can control a users functionality with AEM by setting permissions,  I have never read a document that suggests that you can control a user logging in - however you can control permissions - including read permissions to the JCR: 

      https://docs.adobe.com/docs/en/cq/5-6-1/administering/security.html#Modifying User and Group Properties

      al_ber_to_
      al_ber_to_
      Level 2
      October 16, 2015

      Hello Alex, 

      Depending on your setup, you can do a couple of things:

      1 - You can create a group with permissions to 'nothing', and assign these users to that group. So that when they log-in, they get nothing. Follow Scott's link for how to set these.

      2 - You can overwrite their password and then they wouldnt be able to log-in in the first place.

      Im sure there are other more polished solutions, but I find these two are very easy to implement and effective. 

      PS - I've only used the activate-deactivate only controls the publishing of the user credentials to the publisher server. It is useful when you have a log-in on the front-end (like for a closed user group section).

      Terms & ConditionsAccessibility statement

      Loading footer...